Story image

AMEX phishing scam uses encryption to lull users into ‘false sense of security’

27 Jan 17

A new fake AMEX phishing attack uses tactics that lull users into a false sense of security - it creates a website that mirrors the real one – and it has an SSL certificate, says security company MailGuard

The attack first start with a phishing email that states ‘suspicious activity’ has been detected on the victim’s credit card, and that corrective action must be taken.

To make it seem more convincing, the email says the card was recently used in Texas to purchase items. For security, the charges may be declined and the victim must click a link to ‘safeguard’ their account.

That link, MailGuard says, is a convincing American Express website that mirrors the real one, but the domain is different: onlinebanking-americanexpress.com.

It also has an SSL certificate, achieved by many criminals by using a free SSL certificate provider.

The certificates make the site seem secure, but all it means is that the information sent over the fake website is encrypted.  Fooled users enter the details, which are then stolen, and are then taken to the real AMEX website.

MailGuard uncovered the email this week, and so far none of the 68 popular antivirus vendors were detecting the suspicious links.

MailGuard recommends users watch out for phishing scams by:

  • Checking the sender’s email address and comparing it to the real organisation’s website address
  • If the sender’s email is different or is sent from a free web address, it is most likely a phishing attempt
  • Checking if the greeting includes your name or a generic greeting such as “dear customer”
  • Checking if the requested account action is “urgent” or your account will be suspended or closed
  • If the email asks for personal information such as username, password, bank details or other sensitive information, it is most likely a phishing attempt.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”
Malware downloader on the rise in Check Point’s latest Threat Index
Organisations continue to be targeted by cryptominers, despite an overall drop in value across all cryptocurrencies in 2018.
IoT breaches: Nearly half of businesses still can’t detect them
The Internet of Thing’s (IoT’s) rapid rise to prominence may have compromised its security, if a new report from Gemalto is anything to go by.